Personal health records

March 3, 2008 at 2:00 am

Well, I seem to have answered my own question of the other day (in this post):

  • if a third party service (eg Google) hosts your personal health record, does this mean that the health record and the personal information it contains might lose its privileged legal status (ie the confidentiality of the patient/doctor relationship)?

    On the same day I was blogging about this very issue, the World Privacy Forum released a report entitled Legal and Policy Analysis: Personal Health Records: Why Many PHRs Threaten Privacy. You can access the report here: Legal & Policy Analysis: PHRs.

    Depending of course on the jurisdiction, a relevant Health Act may not protect the privileged status of health records if a third party is involved (leaving aside all the exceptions to physician/patient privilege). If a patient allows a health care professional to send their PHR to a commercial PHR company, I have a sinking feeling that it gets murky – it could be argued, for example, that the patient waived privilege by sending the PHR to a third party.

    Personal health records are a relatively new trend in health care and a new business model. Medical information is gathered from different sources and made available online to the patient or consumer (and other authorised parties). PHRs are being promoted as putting the power into consumers’ hands by giving “one stop shop” access to medical knowledge and information. And they provide an opportunity for people to become more actively engaged in managing their own health care information. This is the good bit. The bad bit is that PHRs that are hosted and managed under a commercial PHR model that is outside the laws established for a particular health care sector may be vulnerable to exploitation.

    Other bad bits are that patients (like innocent lambs to the slaughter) may not realise that their PHR is not covered by special protections of the patient/doctor relationship (if the PHR falls outside the jurisdiction’s Health Act that is).

    And then there’s the whole commercial aspect to PHRs. Just like email lists seem to fall into the hands of companies that then bombard you with email ads (I seem to be plagued by “penis-enlargement” emails), PHRs could end up (depending on the terms the PHR operates under) being sold or rented without the patient’s knowledge or consent. We all know that companies pass around or share people’s information, but you wouldn’t hope that your PHR would be farmed out. And you can bet your bottom dollar that pharmaceutical companies would be salivating at the thought of gaining access to information contained in PHRs. How many of us actually take the time to read the privacy policies of vendors to check how they use personal information?

    And here’s a scary scenario from the report:

    “A PHR vendor can target ads more narrowly so that they appear only to 50-plus year-old white males with diabetes, an annual income over $75,000, and a health plan that pays for drugs. The targeting itself may not disclose any personal information, depending on how it is done. However, when the user clicks on the ad, the advertiser can often infer that the user has certain the specified characteristics. If the advertiser can identify the user because of a previously set “cookie,” because of the user’s static IP address, because of another behavioral tracking activity, or because the user casually provides a name or email address to obtain more information, the specified information about the consumer can pass to a third party advertiser. The advertiser may then use the information, disclose it to others, share it with commercial data brokers, or do anything it pleases because no privacy law typically applies and because it is not typically subject to the PHR’s privacy policy”.

    And then of course there’s the whole security issue – can we trust mega PHR services to provide a secure service available over the Internet? Data breaches, hackers and security gaffes raise their ugly heads.

    Further questions I’d be asking are:

    • should there be a stuff up with your information, will the PHR service take responsibility for data error or disclaim any liability?
    • once the PHR has your personal data, will it go about collecting further information about you from other sources so it has a complete personal profile?
    • will the PHR store patient searches so it can find out what you are accessing? Presumably a PHR service would be accompanied by links to medical information on diseases and procedures that the patient could search. So you’d have a PHR service going beyond just hosting your personal PHR to knowing your search habits.
    • if you stop using the PHR, what happens to the information on you that has been stored to date?

    I’m sure you could come up with more questions and uncertainties but this should freak us out for the time being. Take the time to read the report as I really think that PHRs will be a future privacy battlefield.


    Entry filed under: Medicine, Personal health records, Privacy.

    This work is licensed under a Creative Commons Attribution 2.5 Australia License.
